TestAuthenticatedSymmetricCipher

TestAuthenticatedSymmetricCipher is a function in datatest.cpp. It is used to test authenticated encryption ciphers, such as AES operated in CCM mode or GCM mode.

AuthenticatedSymmetricCipher offers the function SpecifyDataLengths. Some modes, such as CCM, require the length of the authenticated data (ADATA) and payload data (PDATA) in advance. Other modes, such as GCM, do not. To determine if SpecifyDataLengths must be used, query the object with NeedsPrespecifiedDataLengths.

Crypto++ Example/Demonstration

To create the encryptor, one would perfrom the following steps. The library's validation code uses a base class pointer due to the Object Factory. This allows a sufficiently generic interface for all classes of authenticed-encrption ciphers. It is not strictly necessary to use the base class pointer in an application.

In the code above, Crypto++ demonstrates one way to move discrete data into different channels using TransferTo. Note that TransferTo takes a filter, size, and an optional channel. The StringStore object will handle the Put. Crypto++ also demonstrates the order of opertions during the encryption/authentication process. The data is consumed in the following order (MAC_AT_BEGIN is not a flag to an encryption filter - only decryption filters).

By using the following techniques (which clearly removes readability), Crypto++ admits it is OK to perform multiple Puts on a data/channel pair. The first TransferTo moves half the data, the second moves the remaining data.

Above, Crypto++ shows yet another way to move data from a source (the StringStore) to a sink (the separate channels of the filter). Code such as sm.TransferTo(df); has been simplified because part of the object's internal queue was drained during encryption/authentication. sm.TransferTo(df); will drain the remaining data. During decryption/verification - and when using MAC_AT_BEGIN - the order of operations is: